Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/1f7c98-18aa-47d8-ab41-1161edb9bf0e/1/mM-9kSByrqOu0YiIv54Aj-BjOkM.roa
File: mM-9kSByrqOu0YiIv54Aj-BjOkM.roa (raw, json)
Hash identifier: y7ex1IMKVIBzVNjTK5ehkP5Sus5zFC027uwZ3vu4LZE=
Subject key identifier: 98:CF:BD:91:20:72:AE:A3:AE:D1:88:88:BF:9E:00:8F:E0:63:3A:43
Certificate issuer: /CN=966afc14d4a19a7c2c168eb2c81d5622b30149eb
Certificate serial: 018432DF5C55A37833846B033643D6DD382C
Authority key identifier: 96:6A:FC:14:D4:A1:9A:7C:2C:16:8E:B2:C8:1D:56:22:B3:01:49:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lmr8FNShmnwsFo6yyB1WIrMBSes.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/1f7c98-18aa-47d8-ab41-1161edb9bf0e/1/mM-9kSByrqOu0YiIv54Aj-BjOkM.roa
Signing time: Tue 01 Nov 2022 11:06:49 +0000
ROA not before: Tue 01 Nov 2022 11:06:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43273
IP address blocks: 91.238.168.0/22 maxlen: 22
91.196.248.0/22 maxlen: 22
5.252.172.0/22 maxlen: 22
185.149.244.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:32:df:5c:55:a3:78:33:84:6b:03:36:43:d6:dd:38:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=966afc14d4a19a7c2c168eb2c81d5622b30149eb
Validity
Not Before: Nov 1 11:06:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=98cfbd912072aea3aed18888bf9e008fe0633a43
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:d6:67:94:9c:81:f6:f2:74:5b:9e:3a:f0:96:
c3:5c:56:2a:fc:5b:3b:72:8f:7d:b8:42:a6:39:ec:
b3:1f:b1:b3:f5:ec:49:7e:e8:f7:e9:1e:e9:d4:29:
fa:86:ef:67:1e:7d:7f:d5:fd:0c:6d:36:ac:ef:ec:
a8:87:23:0d:b1:8f:7d:c5:e5:54:e2:c9:61:74:f4:
97:8a:77:59:36:54:fa:f2:b5:18:99:ae:c7:63:cd:
57:c0:51:90:6b:d0:d8:3f:ae:6c:84:20:97:79:f6:
00:d0:15:ba:72:c3:c5:c5:b2:f8:69:37:53:6e:c3:
87:97:0a:82:7e:28:4f:5c:2b:63:51:5c:aa:26:78:
b9:32:bc:6c:7b:4e:b3:17:f9:0d:7b:2b:ad:00:41:
83:d8:0e:0a:d8:26:9b:64:a0:87:e8:cd:ea:73:ed:
0d:aa:96:19:77:69:5f:59:b7:55:f7:60:77:c6:b9:
7f:85:60:d4:7d:dc:a6:52:f7:3a:12:58:83:8b:ab:
1f:6f:6f:75:27:11:66:99:28:22:64:92:58:29:68:
54:10:88:16:3a:16:b5:be:74:a7:e6:44:69:20:e8:
19:9e:64:45:23:25:a9:fd:fc:73:89:e1:4b:c0:55:
8d:cc:16:80:fb:0a:a5:5a:15:b4:51:47:15:13:ea:
dc:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:CF:BD:91:20:72:AE:A3:AE:D1:88:88:BF:9E:00:8F:E0:63:3A:43
X509v3 Authority Key Identifier:
keyid:96:6A:FC:14:D4:A1:9A:7C:2C:16:8E:B2:C8:1D:56:22:B3:01:49:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lmr8FNShmnwsFo6yyB1WIrMBSes.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/1f7c98-18aa-47d8-ab41-1161edb9bf0e/1/mM-9kSByrqOu0YiIv54Aj-BjOkM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/1f7c98-18aa-47d8-ab41-1161edb9bf0e/1/lmr8FNShmnwsFo6yyB1WIrMBSes.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.252.172.0/22
91.196.248.0/22
91.238.168.0/22
185.149.244.0/22
Signature Algorithm: sha256WithRSAEncryption
55:0b:b8:84:f6:48:67:0a:a1:86:31:aa:a7:c6:41:d5:b3:c0:
c8:b3:6f:f8:c6:9a:fb:b0:83:eb:02:11:b3:64:49:a6:e9:96:
07:0d:73:5c:68:40:20:b4:0b:07:4d:a9:33:34:fe:f8:43:32:
74:12:14:c6:9a:da:1d:3f:d2:85:1f:fd:6e:56:ba:95:c8:94:
d9:06:c6:9c:53:21:e8:6e:98:e5:f2:f8:45:48:a6:a3:71:ec:
8f:91:2d:d8:a1:ab:7c:3e:12:13:c3:aa:8f:85:56:45:2e:a0:
15:3b:8a:70:69:57:8b:50:74:bf:7e:47:c6:cb:39:06:62:10:
ec:78:a7:ab:6a:3b:c3:18:7f:c6:8a:60:04:fd:69:4f:6c:f3:
90:e7:12:e1:0a:ee:07:3f:aa:2e:f3:da:26:c4:fc:73:a9:65:
fb:e1:fc:8c:48:fd:63:4b:df:e8:46:c6:86:1e:d0:21:d7:f6:
3a:8f:94:5e:27:56:3b:6f:27:ed:be:79:18:63:f3:5e:72:02:
b6:ab:bf:3b:ec:81:e4:25:95:f2:cc:d9:a1:20:cd:5a:56:55:
c4:8f:89:4e:60:ed:81:24:2c:8a:4e:27:6f:29:33:83:56:20:
8b:32:08:7b:ee:f0:8f:19:01:26:7e:eb:12:aa:dd:72:c5:30:
96:df:03:de
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYQy31xVo3gzhGsDNkPW3TgsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2NmFmYzE0ZDRhMTlhN2MyYzE2OGViMmM4MWQ1NjIyYjMw
MTQ5ZWIwHhcNMjIxMTAxMTEwNjQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OGNmYmQ5MTIwNzJhZWEzYWVkMTg4ODhiZjllMDA4ZmUwNjMzYTQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhtZnlJyB9vJ0W5468JbDXFYq/Fs7
co99uEKmOeyzH7Gz9exJfuj36R7p1Cn6hu9nHn1/1f0MbTas7+yohyMNsY99xeVU
4slhdPSXindZNlT68rUYma7HY81XwFGQa9DYP65shCCXefYA0BW6csPFxbL4aTdT
bsOHlwqCfihPXCtjUVyqJni5Mrxse06zF/kNeyutAEGD2A4K2CabZKCH6M3qc+0N
qpYZd2lfWbdV92B3xrl/hWDUfdymUvc6EliDi6sfb291JxFmmSgiZJJYKWhUEIgW
Oha1vnSn5kRpIOgZnmRFIyWp/fxzieFLwFWNzBaA+wqlWhW0UUcVE+rcgQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJjPvZEgcq6jrtGIiL+eAI/gYzpDMB8GA1UdIwQY
MBaAFJZq/BTUoZp8LBaOssgdViKzAUnrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbG1yOEZOU2htbndzRm82eXlCMVdJck1CU2VzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi8xZjdjOTgtMThhYS00N2Q4LWFiNDEt
MTE2MWVkYjliZjBlLzEvbU0tOWtTQnlycU91MFlpSXY1NEFqLUJqT2tNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi8xZjdjOTgtMThhYS00N2Q4LWFiNDEtMTE2MWVkYjliZjBl
LzEvbG1yOEZOU2htbndzRm82eXlCMVdJck1CU2VzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCBfysAwQC
W8T4AwQCW+6oAwQCuZX0MA0GCSqGSIb3DQEBCwUAA4IBAQBVC7iE9khnCqGGMaqn
xkHVs8DIs2/4xpr7sIPrAhGzZEmm6ZYHDXNcaEAgtAsHTakzNP74QzJ0EhTGmtod
P9KFH/1uVrqVyJTZBsacUyHobpjl8vhFSKajceyPkS3Yoat8PhITw6qPhVZFLqAV
O4pwaVeLUHS/fkfGyzkGYhDseKerajvDGH/GimAE/WlPbPOQ5xLhCu4HP6ou89om
xPxzqWX74fyMSP1jS9/oRsaGHtAh1/Y6j5ReJ1Y7byftvnkYY/NecgK2q7877IHk
JZXyzNmhIM1aVlXEj4lOYO2BJCyKTidvKTODViCLMgh77vCPGQEmfusSqt1yxTCW
3wPe
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:14:15 2025 by rpki-client